Remote attackers can use specially crafted requests with directory-traversal sequences ('../') to retrieve arbitrary files in the context of the application.Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks.IBM WebSphere Portal versions 7.0.0.x and 8.0 are vulnerable